
@mala
Created April 26, 2012 13:23
jQuery XSS patch
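/**
 * Stopgap hardening for old jQuery builds: make `$(string)` refuse to build
 * DOM nodes from a string that contains markup but does not begin with "<".
 *
 * Older jQuery treats input such as `"#<img ...>"` as HTML even though the
 * caller meant it as a selector, which turns patterns like `$(location.hash)`
 * into a DOM XSS sink. jQuery 1.9 and later apply a similar "must start
 * with <" rule natively, so upgrading is the real fix and this wrapper is for
 * pages that cannot upgrade yet.
 *
 * Scope and limits:
 *  - Only `jQuery.fn.init` (the `$()` entry point) is wrapped. Other HTML
 *    sinks such as `.html()`, `.append()` and friends are not affected.
 *  - A string that does start with "<" is still parsed as HTML, so untrusted
 *    data must never be passed to `$()` regardless of this patch.
 *  - The script must run after jQuery has loaded and before other code
 *    calls `$()`, because it replaces `jQuery.fn.init` at execution time.
 */
(function () {
  // Applying the patch twice would make `__init` point at the wrapper
  // itself, so bail out if it is already installed.
  if (jQuery.fn.__init) {
    return;
  }

  // Keep the original constructor in a closure so the wrapper never depends
  // on a property other code could overwrite; `__init` stays exported for
  // anything that already relies on it.
  var originalInit = jQuery.fn.init;
  jQuery.fn.__init = originalInit;

  // Appears to mirror the HTML branch of the pattern older jQuery uses to
  // decide that a string is markup: optional non-"<" prefix, then "<...>".
  var old_expr = /^(?:[^<]*(<[\w\W]+>)[^>]*$)/;
  // The only form still accepted as HTML: optional whitespace, then "<".
  var strict_expr = /^\s*</;

  jQuery.fn.init = function (selector, context, rootjQuery) {
    if (
      typeof selector === "string" &&
      old_expr.test(selector) &&
      !strict_expr.test(selector)
    ) {
      // Throw an Error (not a bare string) so the failure carries a stack
      // trace and shows up usefully in error reporting.
      throw new Error('Syntax error, html string must start with "<"');
    }
    return new originalInit(selector, context, rootjQuery);
  };

  // Preserve the prototype link so `instanceof jQuery.fn.init` checks and
  // code that inspects `init.prototype` behave as they did before patching.
  jQuery.fn.init.prototype = originalInit.prototype;
})();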